3 matches found
CVE-2014-9130
CVE-2014-9130 affects LibYAML (used by YAML-LibYAML/YAML-XS in Perl) where wrapping of strings can trigger an assertion failure, causing a denial-of-service crash. Concrete details across connected docs identify LibYAML 0.1.5 and 0.1.6 as vulnerable; a patched version (0.1.7 or later) is availabl...
CVE-2013-6393
CVE-2013-6393 affects LibYAML: the yaml_parser_scan_tag_uri function in scanner.c of LibYAML before 0.1.5 performs an incorrect cast, enabling a heap-based buffer overflow that can crash the application and possibly allow arbitrary code execution via crafted YAML tags. The initial description and...
CVE-2014-2525
CVE-2014-2525 : LibYAML's yaml_parser_scan_uri_escapes() has a heap-based buffer overflow when parsing percent-encoded text in a URI within YAML documents. The issue affects LibYAML before 0.1.6 and can allow arbitrary code execution via a crafted YAML file. Affected products use libyaml librarie...